Fraud Detection & the Customer Experience Continuum

The key to fraud prevention lies not in the ability to detect, but in its ability to analyze.

You'd think consumers would be pleased to know that their bank is trying to prevent them from becoming the victim of fraud -- but, in fact, you'd be only half right. Yes, you would be thrilled if the bank stops a miscreant half a world away from putting a $2,000 dinner tab on your stolen card. But if the bank refused to honor the card if you were trying to pay for the lavish dinner you had just held for a client whom you had travelled halfway around the world to woo? "Thrilled" would be about the last word to comes to mind.

And there lies the problem for anyone engaged in fraud detection. Looked at from the perspective of the customer experience, there's a very fine line between getting it right and getting it very wrong. Moreover, you generally get it right only when you've really stopped a fraudulent transaction from taking place, but there are so many ways to get it wrong.

Pay at pump (one way or another)
Consider this: Your banking customer is traveling but has not told you about doing so. Suddenly, your fraud detection system is picking up a purchase that looks off. It's not even so wildly off as the $2,000 dinner in a distant city. This might just be for fuel in a distant city. But it's an anomaly -- a transaction taking place at a fuel pump 2,000 miles away from where the customer lives.

Fraud or not fraud? And how do you know? You could block the transaction, but if it is your customer trying to fill the tank, you're providing just the opposite kind of customer experience you're striving to provide. Moreover, your card suddenly moves from top of wallet to that dark, ignominious place reserved for cards the customer would rather not use. Yet if you don't block the transaction and it's not your customer, you will be down by $50 -- and that's not an experience you want to embrace.

Besides, it's more costly than the $50 loss would first indicate. If word gets out that you failed to detect and stop this fraud, your credibility and reputation as a banker will suffer. Clients will find themselves wondering whether their money is safe in your bank. If they start asking that question, it may be only a matter of time before their banking activities move to another institution.

Making the call
What if, instead of blocking the transaction, you reached out and called your customer on her registered cellphone number. You can ask if she's traveling. If she says yes, you can ask her to verify where she is traveling (without providing any prompts to give away the answer you're expecting). If she provides answers that give you confidence that she's the one trying to purchase fuel, then you let the transaction proceed without interruption. Surely this would be seen as great customer service and more proactive fraud protection.

But that, too, can backfire. Customers generally don't like the idea that you're scrutinizing every purchase they make. That can feel more intrusive than vigilant -- creepy rather than protective. Your zeal could actually become a liability no less damaging than the suspicion that you're not zealous enough.

So is there a real path through this minefield? There is.

The key to fraud prevention lies not in the ability to detect, in near real-time, the events that appear anomalous (the expensive meals and the distant fuel purchases). Rather, it lies in the ability to analyze, in real-time, information from many different data sources to determine whether an event really is anomalous. The moment the transaction for that meal or that tank of fuel popped up in your transaction processing system, your customer experience management system should have been looking through other data or activity to identify indicators that the customer would be traveling at this time. Perhaps there's a plane ticket purchase from a month ago. Perhaps there's a hotel reservation that was made weeks ago from the user's home computer. Perhaps the user's Twitter feed has portended this trip for weeks.

The fraud detection system that can perform this kind of multifaceted data analysis -- within a second or two of the supposedly anomalous event -- is the one capable of making a well-informed decision about whether there's fraud occurring or not. If all the signs from all the different data feeds indicate that a trip has long been planned for these dates, your systems should be able to determine -- with a much higher comfort margin -- that the transaction is legitimate. Your job then is to provide an excellent customer experience by making sure the transaction happens as quickly and as smoothly as possible. If, in contrast, your systems analyze the data and discover that your client has used the card in three local stores within the last two hours and was complaining about the local weather on Facebook that morning, then you really may have caught a fraud in progress and can phone the customer with a much lower risk of making the wrong call.

At that point, your vigilance is not creepy. At that point, you've gotten it right.

Dr. John Bates is a Member of the Group Executive Board and Chief Technology Officer at Software AG, responsible for Intelligent Business Operations and Big Data strategies. Until July 2013, John was Executive Vice President and Corporate Chief Technology Officer at Progress ... View Full Bio

Absolutely Jonathan. These different data legislation regions (country, state) mean we have to be quite flexible. It's quite a lot to think about in putting in the technology! When I was in Washington a couple of years' back, I was surprised that the government has an Ambassador for cloud data - to try to negotiate around all the restrictions, e.g. Germany insists all data about Germans must be in Germany - so how does a US public cloud stand there? Currently they must be in local country.

Even here in the U.S. we're starting to see different states pass differing laws on data privacy. What flies in New York might not fly in California. So that's definitely something that has be taken into conisderation.

Yes it can be creepy to know that someone is watching your every move!! It seems to depend on where you're coming from. DBS Bank does this sort of thing in Singapore, Hong Kong and other Asian locations - personalized offers and fraud prevention - and their customers love it! However, would it fly in Germany or other places where people are more worried about their data and privacy? And just what are you doing with all that data about me? :-)

Great you've been looking at this area. Yes, there is "category of one" marketing but while you're learning all that great behavioral information, why not use it for "category of one" fraud prevention - completely personalized and even self-learning!

Thanks a lot for your comment. I agree that some vigilant technology watching our behavior to spot the opportunities and threats is attractive. Like you, that works for me - as long as it doesn't get it wrong too much!! But certainly is scary to many. It seems cultural, e.g. my German colleagues are much more worried about this than my colleagues from Singapore!!!

I agree, great outline on balancing fraud alerts with customer experience. With so many available sources of customer data, banks can better determine which transactions are legitimate and which aren't.

From a customer perspective, it's hard for me to understand people who get annoyed when their bank calls to tell them about a potentially fraudulent transaction. Last Christmas, I got a call alerting me to strange activity on my card and while it wasn't fraud (I just never use that card), I was glad to know the bank was keeping an eye on my account.

John, you nailed this. Last year, I wrote about the connection between fraud and Customer Service last year during National Customer Service week! Contrary to what most company's think, there's a direct correlation between fraud events, fraud detection and Customer Service which many companies fail to integrate into their products and services.